Trusteer Research Identifies Five Most Dangerous Malware Trends for 2013

Trusteer, the leading provider of
endpoint cybercrime prevention solutions, today released the Top Five
Most Dangerous Malware Trends for 2013. According to Trusteer’s security
research group, the biggest threats facing financial institutions and
enterprises next year will include attacks against the Google Chrome
Browser, the emergence of native 64-bit Windows malware and crimeware
that can detect and evade virtual machine, sandboxing, and other
containment mechanisms. An infographic that summarizes the findings is
available here.

“2012 was characterized by the increasing sophistication of malware’s
ability to evade detection and the beginning of financial fraud
platforms like Zeus, SpyEye and others crossing over to attack
enterprise endpoints,” said Amit Klein, CTO of Trusteer and head of the
company’s security research group. “We expect criminals to continue to
innovate in 2013 and step up attacks against enterprises. Our
researchers have identified evidence of what we believe will be the top
five most dangerous trends in malware next year, including Google
attacks, native 64-bit Windows malware and increasingly advanced evasion
techniques.”

Why it's dangerous: 32-bit malware is handicapped when it runs on
64-bit machines. That’s because the 32-bit malware cannot see or
penetrate the “native” 64-bit system processes it uses to evade
detection. As malware variants start supporting 64-bit processes, they
will once again be difficult to detect on 64-bit machines.

3) Detection-aware malware targeting enterprises

In 2012, both financial and non-financial malware variants were
discovered that could detect virtualization, debugging, sandboxing and
monitoring processes on the host machine. For example, a recent Shylock
variant will not install when it detects a Remote Desktop session, most
likely to avoid detection in a “lab” environment.

Why it's dangerous: These capabilities present a serious threat
to virtual machine-based detection and protection products, since the
malware would appear to be harmless to these security tools.

4) Big increase in new and modified financial malware families

In 2012, the number of completely new financial malware families almost
doubled from three in 2011 to five in 2012. It’s important to note that
many different configurations (variants) can exist within one malware
family. We expect this trend to continue with even more new malware
families introduced next year.

In 2012, the four phases of the malware lifecycle (incubation, outbreak,
botnet and retirement) among the variants we investigated accelerated
significantly compared to 2011. Because security products continue to
improve detection, the window of opportunity for malware to remain
undetected is decreasing. The incubation and outbreak phases decreased
from one month or more in 2011 to approximately two weeks in 2012. We
expect this time frame to shrink even further next year.

Why it's dangerous: The faster the malware lifecycle, the more
difficult it is for security products to detect, block and remove
malicious software. In an accelerated lifecycle environment, the fraud
is already committed before traditional anti-virus/anti-malware products
discover the malware.

About Trusteer

Boston-based Trusteer is the leading provider of endpoint cybercrime
prevention solutions that protect organizations against financial fraud
and data breaches. Hundreds of organizations and millions of end users
rely on Trusteer to protect their computers and mobile devices from
online threats that are invisible to legacy security solutions.
Trusteer’s Cybercrime Prevention Architecture combines multi-layer
security software with real-time threat intelligence to achieve
sustainable protection against malware and phishing attacks and meet
regulatory compliance requirements. Global organizations such as HSBC,
Santander, The Royal Bank of Scotland, SunTrust and Fifth Third use
Trusteer’s solutions and leading online banking providers such as First
Data, Harland Financial Solutions, Intuit and S1 integrate with Trusteer
to provide world-class protection for financial institutions of all
sizes. www.trusteer.com.
